php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #10510 ini_set() as relates to max upload filesize setting
Submitted: 2001-04-26 09:58 UTC Modified: 2001-04-26 16:18 UTC
From: webmaster at snr-graphics dot com Assigned:
Status: Closed Package: *Function Specific
PHP Version: 4.0.4pl1 OS: Unix/BSD
Private report: No CVE-ID: None
 [2001-04-26 09:58 UTC] webmaster at snr-graphics dot com
First, let me say that I'm not entirely sure I would class this report as a bug, but it very well could be.

Recently, as in yesterday, I spent a number of hours trying to find a work-around to the maximum upload filesize setting.  I came across the ini_set() functions.

This appeared to be something of a solution to the delimma, by issuing a ini_set() to the max upload filesize, I figured I would be able to conduct a file upload that exceeded the default 2M limit.

It would appear that I was wrong.

Here is the situation which presented itself, and ultimately will explain why I'm emailing as a bug report.

-------- The Scenario ---------
My script resides on a "hosted" server, one which is beyond my direct control.  Naturally the host controls the settings, and the like.

I needed to conduct file uploads, which may or may not exceed the default limit.  After reviewing the manual, I found the ini_set functions. So, I decided to test the over-ride of the ini's setting for a max upload filesize.

For test purposes, we chose 4M, and issued an ini_set() to PHP. The set was successful, and our local value for the max upload filesize was 4M.

No problem, this is awesome I thought to myself, so we moved forward and attempted to upload, using a "file" field named file_url.

The end result was just un-real.

We selected a file that weighed in at approx. 2.2MB just .2 over the default limit, but well within our defined max size.

We watched our modems and bandwidth meters, seeing the transmit of the file to the server... (we think all is going sweetly).. then, nothing.

PHP gave no errors, as a matter of fact the script executed perfectly.  cept that the value of file_url became "none".. obviously something went wrong.. 

Here's what we ultimately discovered.

1) "IF" the file exceeded 2M (the default) the value of the file field is stripped and returns as "none" (as if no file was uploaded).

2) PHP Gives no "limit exceeded" error, or any errors for that matter.

3) "IF" the file is below the 2M limit, all is perfect.

In short, it would appear that the ini_set(), though it displays as being set, has no real affect.  Bug? I don't know.. I do however feel, that at the very least, PHP should give us some type of error message.. In the end, I'm left with the feeling that one of two possiblities exist here, 1) the ini_set() function holds no real coding value, or 2) I don't fully understand the function.  Granted, documentation is somewhat limited on these..

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2001-04-26 10:28 UTC] bbonev@php.net
Please take into account that the processing of post data happens _before_ your call to ini_set. Thus your new limit value has no effect to the upload and succeeds (of course) after the upload is rejected.

I would recommend setting the value through .htaccess or apache's config.

 [2001-04-26 16:18 UTC] webmaster at snr-graphics dot com
Okay, makes sense, which is partly why I would call ini_set "before" the form is loaded and data posted,
I guess I do misunderstand, as I thought that the set would remain intact until the call to restore?

By what you are saying, it would appear that the restore function would serve no purpose??

You mention using htaccess to set the limits, can you point me to some documentation on this? I am familiar with htaccess and the Apache server, but not specify PHP ini limits via such?
 
PHP Copyright © 2001-2018 The PHP Group
All rights reserved.
Last updated: Tue Dec 18 20:01:26 2018 UTC